
Human Risk Factor

In a recent survey taken by Sophos, businesses were asked to name their biggest security and risk concerns regarding their companies' technology. The main finding of the survey was that a large majority of businesses still believe their employees to be the main risk of exposing the company to IT threats.
Paul Ducklin, Sophos’ head of security, stated that the conclusion to be drawn from this is that administration has yet to take desktop security seriously at the lower levels of a company. Ducklin also stated that most of the attention in these companies is focused on “the outside” rather than “the inside”, but most physical accidents with laptops and other such devices are unavoidable, and more time should be devoted to things that can be easily prevented, like IT threats.
A separate survey conducted by the Department of Trade and Industry went one step further to pinpoint the errors that make up the human risk in companies. In this instance 1,800 people were given passwords to remember, and over one third of these participants wrote down their password or stored it on their computers.
It goes without saying that this is a huge risk to be taking in today’s IT world, which is saturated with hackers and potential identity thieves. Companies seem to be realizing the risks that human ignorance can bring upon a business, yet these surveys have been run annually and the numbers have yet to drop in favor of more intelligent IT practices. How long will it take for these companies to realize that they need to educate from the bottom of the corporate ladder upwards? I would like to say that the lesson has been learned, but outside of the realm of information technology there are still many who are unaware of the risks they are posing to their own systems.

These are the articles where I read about this:
http://www.news.com/Survey-Office-workers-still-the-greatest-security-threat/2100-7355_3-6213227.html?tag=item

http://www.channelregister.co.uk/2007/06/18/dti_it_security_research


Comments (2)

My mother keeps a list in her purse of every single password for all of her online accounts. The way I look at it, though, is that if someone steals that purse she is already losing a lot, so what's a few more things? Seriously, though, with that login information our family could lose a lot of money and I'll have to drop out of PSU.

People are stupid. How else can you explain it? Let's face it, not even good, well-hidden passwords are safe after the advent of rainbow tables!


About

This page contains a single entry from the blog posted on November 28, 2007 10:37 AM.
